[ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ 62.601042][ T26] kauditd_printk_skb: 7 callbacks suppressed [ 62.601051][ T26] audit: type=1800 audit(1568587516.097:29): pid=9676 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0 [ 62.627611][ T26] audit: type=1800 audit(1568587516.097:30): pid=9676 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0 Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.23' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 69.425964][ T9829] IPVS: ftp: loaded support on port[0] = 21 [ 69.449558][ T9829] kasan: CONFIG_KASAN_INLINE enabled [ 69.454904][ T9829] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 69.463163][ T9829] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 69.470073][ T9829] CPU: 0 PID: 9829 Comm: syz-executor938 Not tainted 5.3.0-rc8+ #0 [ 69.477931][ T9829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 69.487977][ T9829] RIP: 0010:__list_del_entry_valid+0x85/0xf5 [ 69.493932][ T9829] Code: 0f 84 e1 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 e2 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 53 49 8b 14 24 4c 39 f2 0f 85 99 00 00 00 49 8d 7d [ 69.513525][ T9829] RSP: 0018:ffff88809689f450 EFLAGS: 00010246 [ 69.519575][ T9829] RAX: dffffc0000000000 RBX: ffff8880921f9680 RCX: ffffffff8159c28a [ 69.527523][ T9829] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880921f99e8 [ 69.535472][ T9829] RBP: ffff88809689f468 R08: 0000000000000004 R09: ffffed1012d13e7d [ 69.543606][ T9829] R10: 
ffffed1012d13e7c R11: 0000000000000003 R12: 0000000000000000 [ 69.551552][ T9829] R13: 0000000000000000 R14: ffff8880921f99e0 R15: ffff8880921f9940 [ 69.559502][ T9829] FS: 0000555556e2b880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 69.568405][ T9829] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 69.574961][ T9829] CR2: 00000000200001c0 CR3: 00000000a1971000 CR4: 00000000001406f0 [ 69.582911][ T9829] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 69.590855][ T9829] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 69.598802][ T9829] Call Trace: [ 69.602086][ T9829] cbs_destroy+0x7d/0x2a0 [ 69.606405][ T9829] ? cbs_init+0x25d/0x450 [ 69.610707][ T9829] ? cbs_dequeue_soft+0x410/0x410 [ 69.615703][ T9829] qdisc_create+0xbc6/0x1210 [ 69.620268][ T9829] ? tc_get_qdisc+0xc10/0xc10 [ 69.625084][ T9829] ? __nla_parse+0x43/0x60 [ 69.629484][ T9829] tc_modify_qdisc+0x524/0x1c50 [ 69.634341][ T9829] ? qdisc_create+0x1210/0x1210 [ 69.639182][ T9829] ? rtnetlink_rcv_msg+0x1ea/0xb00 [ 69.644284][ T9829] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.650503][ T9829] ? qdisc_create+0x1210/0x1210 [ 69.655335][ T9829] rtnetlink_rcv_msg+0x463/0xb00 [ 69.660250][ T9829] ? rtnetlink_put_metrics+0x580/0x580 [ 69.665685][ T9829] ? lock_downgrade+0x920/0x920 [ 69.670521][ T9829] ? netlink_remove_tap+0x4d0/0x4d0 [ 69.675694][ T9829] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 69.681386][ T9829] netlink_rcv_skb+0x177/0x450 [ 69.686126][ T9829] ? rtnetlink_put_metrics+0x580/0x580 [ 69.691558][ T9829] ? netlink_ack+0xb30/0xb30 [ 69.696132][ T9829] ? lock_downgrade+0x920/0x920 [ 69.700973][ T9829] ? netlink_deliver_tap+0x254/0xbf0 [ 69.706410][ T9829] rtnetlink_rcv+0x1d/0x30 [ 69.710802][ T9829] netlink_unicast+0x531/0x710 [ 69.715553][ T9829] ? netlink_attachskb+0x7c0/0x7c0 [ 69.720654][ T9829] ? _copy_from_iter_full+0x25d/0x8a0 [ 69.726027][ T9829] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 69.731733][ T9829] ? 
__check_object_size+0x3d/0x437 [ 69.736914][ T9829] netlink_sendmsg+0x8a5/0xd60 [ 69.741671][ T9829] ? netlink_unicast+0x710/0x710 [ 69.746607][ T9829] ? aa_sock_msg_perm.isra.0+0xba/0x170 [ 69.752140][ T9829] ? apparmor_socket_sendmsg+0x2a/0x30 [ 69.757596][ T9829] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.763831][ T9829] ? security_socket_sendmsg+0x8d/0xc0 [ 69.769465][ T9829] ? netlink_unicast+0x710/0x710 [ 69.774381][ T9829] sock_sendmsg+0xd7/0x130 [ 69.778773][ T9829] ___sys_sendmsg+0x803/0x920 [ 69.783427][ T9829] ? copy_msghdr_from_user+0x440/0x440 [ 69.788865][ T9829] ? lock_downgrade+0x920/0x920 [ 69.793690][ T9829] ? rwlock_bug.part.0+0x90/0x90 [ 69.798733][ T9829] ? __kasan_check_read+0x11/0x20 [ 69.803862][ T9829] ? lock_downgrade+0x920/0x920 [ 69.808711][ T9829] ? __might_fault+0xfb/0x1e0 [ 69.813368][ T9829] ? __kasan_check_read+0x11/0x20 [ 69.818373][ T9829] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.824590][ T9829] ? __fget_light+0x1a9/0x230 [ 69.829246][ T9829] ? __fdget+0x1b/0x20 [ 69.833292][ T9829] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 69.839511][ T9829] __sys_sendmsg+0x105/0x1d0 [ 69.844080][ T9829] ? __sys_sendmsg_sock+0xd0/0xd0 [ 69.849088][ T9829] ? down_read_non_owner+0x450/0x450 [ 69.854347][ T9829] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 69.860562][ T9829] ? 
entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 69.866706][ T9829] __x64_sys_sendmsg+0x78/0xb0 [ 69.871445][ T9829] do_syscall_64+0xfd/0x6a0 [ 69.875923][ T9829] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 69.881787][ T9829] RIP: 0033:0x440c69 [ 69.885658][ T9829] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 69.905240][ T9829] RSP: 002b:00007ffd9e3e6f88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 69.913635][ T9829] RAX: ffffffffffffffda RBX: 00000000004a23f0 RCX: 0000000000440c69 [ 69.921591][ T9829] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003 [ 69.929544][ T9829] RBP: 00000000006cb018 R08: 0000000120080522 R09: 0000000120080522 [ 69.937551][ T9829] R10: 0000000120080522 R11: 0000000000000246 R12: 0000000000402170 [ 69.945603][ T9829] R13: 0000000000402200 R14: 0000000000000000 R15: 0000000000000000 [ 69.953554][ T9829] Modules linked in: [ 69.957568][ T9829] ---[ end trace 58f5f8ce23e586ff ]--- [ 69.963114][ T9829] RIP: 0010:__list_del_entry_valid+0x85/0xf5 [ 69.969121][ T9829] Code: 0f 84 e1 00 00 00 48 b8 22 01 00 00 00 00 ad de 49 39 c4 0f 84 e2 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 75 53 49 8b 14 24 4c 39 f2 0f 85 99 00 00 00 49 8d 7d [ 69.988738][ T9829] RSP: 0018:ffff88809689f450 EFLAGS: 00010246 [ 69.994869][ T9829] RAX: dffffc0000000000 RBX: ffff8880921f9680 RCX: ffffffff8159c28a [ 70.002882][ T9829] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff8880921f99e8 [ 70.010864][ T9829] RBP: ffff88809689f468 R08: 0000000000000004 R09: ffffed1012d13e7d [ 70.018839][ T9829] R10: ffffed1012d13e7c R11: 0000000000000003 R12: 0000000000000000 [ 70.026811][ T9829] R13: 0000000000000000 R14: ffff8880921f99e0 R15: ffff8880921f9940 [ 70.034787][ T9829] FS: 0000555556e2b880(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 70.043700][ T9829] CS: 0010 DS: 
0000 ES: 0000 CR0: 0000000080050033 [ 70.050299][ T9829] CR2: 00000000200001c0 CR3: 00000000a1971000 CR4: 00000000001406f0 [ 70.058287][ T9829] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.066268][ T9829] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.074236][ T9829] Kernel panic - not syncing: Fatal exception [ 70.081845][ T9829] Kernel Offset: disabled [ 70.086164][ T9829] Rebooting in 86400 seconds..